PTF HMC V8 R8.2.0 Service Pack 3 Readme Hardware Management Console Readme For use with Version 8 Release 8.2.0 Date: 28 October 2016 (C) Copyright International Business Machines Corp., 2016 All rights reserved. Contents The information in this Readme contains fix list and other package information about the Hardware Management Console. * Description <#descrip> * Package Information <#package> * List of fixes <#fixes> * Installation <#install> PTF HMC V8 R8.2.0 Service Pack 3 This package represents a service pack image that can be used to update your HMC from HMC V8R8.2.0 to HMC V8R8.2.0 Service Pack 3. You can also reference this package by PTF MH01583 and APAR MB03978. This image can be installed on top of HMC Version 8 Release 8.2.0 Recovery installation (MH01453) with or without additional PTFs installed. *Note:* Service packs are cumulative and as such will include all the fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V8R820_SP3.iso 2320693248 12b5f713afe257e97b4f2f0d7e684bcb4e57513c MB03978 MH01583 Splash Panel information (or lshmc -V output) ""version= Version: 8 Release: 8.2.0 Service Pack: 3 HMC Build level 20161019.1 ","base_version=V8R8.2.0 " List of Fixes Security Fixes * Fixed IBM Websphere Application Server (WAS) vulnerabilities: CVE-2016-0378 and CVE-2016-5986. * Fixed Apache Tomcat vulnerability: CVE-2016-3092. * Set the X-Frame-Options HTTP response header from all HMC /dashboard URLs to instruct the browser to not allow framing from other domains. This change is intended to prevent Clickjacking attacks. * Disabled TLS 1.0 for HMC ports 443, 9920 and 9960 in legacy security mode. General fixes This package provides the following fixes: * Fixed an issue where HMC GUI performance degrades over several days requiring frequent reboots to recover. Overall memory use will show a steady increase during that same time. The issue is seen most often on HMCs managing hundreds of partitions. * Fixed Repair & Verify instructions on POWER8 models MME and MHE during disruptive repairs to remove power from the front of CEC drawers instead of rear. * Corrected the error messages returned when backup critical console data using SFTP fails. * Fixed an issue with help where the path did not include the right details when following links from The Help->Base Tasks and Console->Customize Outbound Connectivity->Internet page displayed the incorrect content. * Fixed an issue where adding multiple vlan ids as a comma-separated list fails with error "/The Additional Vlan id is not in the valid range/". * Fixed an issue where attempting to remove NTP entries using the chhmc command fails with "/Server not found in configuration file/" when there is a space at the end of the entry in the underlying xntp configuration file. * Fixed an issue where the extended error data (EED) transmission can fail sometimes when there is a credential error with the reporting SRC in the problem analysis results. * Fixed an issue with Repair & Verify code sync for dual FSP servers that could cause a failure of "/Exception text(0):Caught the following exception verifying if FSP code levels match: com.ibm.sfp.updates.core.PIUpdateException: getPlatformCurrIplSide returned null/". * Changed system plans created on the HMC to no longer include the Auto Start field. * Fixed an intermittent problem that can result in serviceable event E35A0007 and cause errors when connecting to the HMC remotely. * Fixed an issue where logging on with a user profile created at an earlier release may result in serviceable event E35F0010 and some user profile properties being reset to their defaults. * Fixed a Repair & Verify issue on systems utilizing the 24 inch frame with a power subsystem where users can experience a failure of concurrent service maintenance activities on power components within the CEC enclosure, the Power Subsystem enclosure, and any installed I/O devices within the frame. Servers impacted include the POWER 575, 590, 595, 795: Models 9125-F2A,F2B,F2C; 9118-575; 9119-590,595,FHA,FHB; 9406-595. Errors include: "/An internal error occurred when the management console // //attempted to validate the service network. Some or all of the // //required network resources may not be available. Contact your // //next level of support for problem determination./" and "/Redundancy status could not be determined for the FRU in // //location: // //U5791.001.XXXXXXX-Ex" (example) // // // //The FRU cannot be exchanged concurrently. The IO Drawer must be// //powered off and partitions may need to be shut down to continue// //the repair./ " * Enhanced the handling of problem data files to prevent a possible root (/) file system full issue. * Fixed a problem where an attempt to deploy a system plan created with the IBM system planning tool on a model MHE/MME fails with an error reported against two of the three system units: "/System plan system unit 9119_MME-1-0, type MME not valid as planned. Validation errors occurred when compared to every MME type system unit found on the managed system. system unit 9119_MME-1-0 planned hardware in this system unit not found on the managed system in any unit of type MME./" * Fixed an issue causing the update of I/O device microcode from IBM microcode CD/DVD to fail with "/HSCF0179W Operation was partially successful for .// //An error occurred while attempting to update I/O microcode on :// //An error occurred copying a file from the CDROM. First verify the correct media is inserted in the drive, that there is space available on the target system, then try the operation again./" * Fixed a problem where some GUI views of system firmware levels such as the Updates, System Code Levels table incorrectly show a deferred level of none (or blank) when a deferred level exists. * Fixed a problem that caused E2FF4304 SRCs to be generated during HMC PTF installation. * Prevent the generation and call home of SRC E3550925. This SRC is generated when creating a Kerberos user and no remote user ID is specified or the remote user ID specified is not valid. * Prevent the call home of SRC E3690102. This SRC is generated during the installation of an HMC service pack or iFix. * Changed SRC E302FA06 notification type from "call home" to "customer notify". This SRC is generated when there is a survey error of available Power firmware. * Fixed an issue with the Change License Internal Code task where specifying an update of only I/O microcode incorrectly updated the server firmware to the latest level even though it was not selected. This problem only occurs when "latest concurrent" or "latest, even if disruptive" LIC types are selected. To work around this problem, select the "specific levels" LIC type. * Fixed a problem where, on the local HMC console session, the HMC Management > Open Restricted Shell Terminal GUI task is not displayed for any HMC user except hscroot. * Fixed a problem where HMC to HMC communication intermittently fails resulting in serviceable event B3036620 . Other symptoms include failure to negotiate a primary HMC for problem analysis which can result in failure to report a server serviceable event or calling home the same event twice. Repeated occurrences of the B3036620 without a HMC reboot can eventually lead to a hang of the HMC where users are unable to login via the GUI or run commands via ssh. * Fixed an issue where system initiated System Dump files were not being automatically called home. * Fixed an issue where rmsysconn appeared to succeed, but the connection persisted after reboot. * Fixed an issue where attempting to remove a firewall service which has more than one port configured fails with error "/Firewall rule not removed; rule does not exist./" * Fixed an issue where a serviceable event customer notification is not sent when the callhome fails. * Fixed a report of serviceable event E3551081 for a temporary error accessing the Remote HMC menu locally on the HMC to be an informational SRC and not call home. * Enhanced the shutdown procedure on HMC models CR5, CR6, CR7 and CR8 to notify IMM that a power down is going to occur prior to actually halting and powering off or rebooting the HMC. * No longer initialize the OS version the HMC shows for VIOS partitions with the underlying OS kernel version information. This practice sometimes caused the OS version shown for VIOS partitions to be the base AIX version, or to be the VIOS OS version appended with the AIX OS version distribution number. After this fix, if the HMC is unable to query the OS version information from the VIOS, the OS version shown will be blank. * Fixed an issue where the HMC web server may intermittently deadlock. Symptoms include one or more of the following: unable to connect using a browser; browser error "Service Temporarily Unavailable"'; multiple serviceable events for E35A0016 and/or E35A0017; unable to restart due to / file system full from repeated diagnostic dumps. Back to top <#ibm-content> Installation Upgrading or restoring HMC Version 8 Installation methods for HMC Version 8 fixes Instructions and images for upgrading via a remote network install can be found here: HMC V8 network installation images and installation instructions Back to top <#ibm-content>